Cyber Supply Chain Committee

The Supply Chain Committee’s goal is to facilitate industry, government, and academia interaction in policy, legislative, legal and technical areas directly related to increasing resiliency and protecting against supply chain cyber threats and vulnerabilities. Such interaction is intended to promote the development of a secure, resilient and reliable supply chain and to provide for an exchange of information and views between industry, academia, government and military representatives. Effective cooperation between these groups is essential to establish and maintain U.S. superiority in supply chain cyber security.

Co-Chairs

Donald Davidson
Cyber-SCRM (SME) -- Londonhico@gmail.com

Don Davidson was the Director, Cyber-SCRM (Supply Chain Risk Management) Programs at Synopsys, where he helped stand up a new Chief Security Office (CSO) in the Office of the President. He is active in several NDIA Divisions. Synopsys is an active NDIA member and the Synopsys CSO (Davidson’s boss) is on the NDIA BoD. Synopsys does not do much contract work directly with DoD, but we do support 80+% of the Defense Industrial Base (DIB). Synopsys provides hardware & software information technology enabling capabilities that are changing the way we live, work, play & conduct military operations.

He retired from the US Department of Defense (DoD) in Jan 2019 with over 44 years of Federal Service (to include 11 years as an active-duty US Army Field Artillery Officer).  He served his last 15 years in the Office of the Secretary of Defense (in both AT&L & DoD-CIO), often leading public-private Outreach, Science & Standards activities; he co-sponsored, planned and executed quarterly public-private Software & Supply Chain Assurance (SSCA) 2-3 day Conferences at MITRE for 10 years, with attendance of 100-200 people per event from industry, academia, US government (DoD & interagency) and international partners.

Bruce Jenkins
Black Duck Software, Inc. -- Bruce.Jenkins@blackduck.com

Bruce C. Jenkins has been involved in physical, IT, and application security for over 20 years and currently leads the cybersecurity program at Black Duck Software, Inc. He is a 28-year US Air Force veteran whose career as an application security evangelist began after a 2005 security breach that resulted in the theft of PII that affected 33,000 military officers. Mr. Jenkins has a BS in computer science and an MS in management science and holds professional certifications in data privacy, information security management, secure software lifecycle, and information systems security. He has spoken about cybersecurity and software supply chain risks in Asia, Europe, and North America.